click.giftload infection

scan report

OTL logfile created on: 22/05/2011 20:36:28 - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Ole\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8080.16413)
Locale: 00000813 | Country: België | Language: NLB | Date Format: d/MM/yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 59,00% Memory free
7,00 Gb Paging File | 5,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 285,09 Gb Total Space | 124,77 Gb Free Space | 43,77% Space Free | Partition Type: NTFS
Drive J: | 931,28 Gb Total Space | 657,12 Gb Free Space | 70,56% Space Free | Partition Type: FAT32

Computer Name: PC_OLE | User Name: Ole | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Ole\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\EASEUS\Todo Backup 2.0\bin\EuWatch.exe (CHENGDU YIWO Tech Development Co., Ltd)
PRC - C:\Program Files\EASEUS\Todo Backup 2.0\bin\Agent.exe (CHENGDU YIWO Tech Development Co., Ltd)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\ACER\Preload\Autorun\DRV\FUJI Keyboard\AOSD.exe (Packard Bell BV)
PRC - C:\ACER\Preload\Autorun\DRV\FUJI Keyboard\ABoard.exe (Packard Bell BV)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()


========== Modules (SafeList) ==========

MOD - C:\Users\Ole\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========
 
In my remove programs list, i still see a empty drop down and side menu.

Not sure if I am understanding what your posting, do you mean when you go to Programs and Features in the Control Panel that nothing loads ??


You did not post an entire OTL log, please run it again (not the fix ) just the scan and post a new log please
 
I've captured an image of what I get to see when i'm in programs and features, when trying to uninstall in windows directly. Also when I right click on something, it gives a dropdown menu but with nothing inside. (see attachment)

Im rerunning the scan and will repost the report soon.
 
OTL logfile created on: 23/05/2011 19:54:57 - Run 3
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Ole\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8080.16413)
Locale: 00000813 | Country: België | Language: NLB | Date Format: d/MM/yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 59,00% Memory free
7,00 Gb Paging File | 5,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 285,09 Gb Total Space | 124,32 Gb Free Space | 43,61% Space Free | Partition Type: NTFS
Drive J: | 931,28 Gb Total Space | 657,12 Gb Free Space | 70,56% Space Free | Partition Type: FAT32

Computer Name: PC_OLE | User Name: Ole | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Ole\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\PicPick\picpick.exe ()
PRC - C:\Program Files\EASEUS\Todo Backup 2.0\bin\EuWatch.exe (CHENGDU YIWO Tech Development Co., Ltd)
PRC - C:\Program Files\EASEUS\Todo Backup 2.0\bin\Agent.exe (CHENGDU YIWO Tech Development Co., Ltd)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\ACER\Preload\Autorun\DRV\FUJI Keyboard\AOSD.exe (Packard Bell BV)
PRC - C:\ACER\Preload\Autorun\DRV\FUJI Keyboard\ABoard.exe (Packard Bell BV)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()


========== Modules (SafeList) ==========

MOD - C:\Users\Ole\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\AVAST Software\Avast\snxhk.dll (AVAST Software)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (EASEUS Agent) -- C:\Program Files\EASEUS\Todo Backup 2.0\bin\Agent.exe (CHENGDU YIWO Tech Development Co., Ltd)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (Partner Service) -- C:\ProgramData\Partner\partner.exe (Google Inc.)
SRV - (SBSDWSCService) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (ezSharedSvc) -- C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AdobeActiveFileMonitor6.0) -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()


========== Driver Services (SafeList) ==========

DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (EUFS) -- C:\Windows\system32\drivers\eufs.sys (CHENGDU YIWO Tech Development Co., Ltd)
DRV - (EUDSKACS) -- C:\Windows\System32\drivers\eudskacs.sys (CHENGDU YIWO Tech Development Co., Ltd)
DRV - (EUBAKUP) -- C:\Windows\system32\drivers\eubakup.sys (CHENGDU YIWO Tech Development Co., Ltd)
DRV - (EuDisk) -- C:\Windows\System32\drivers\EuDisk.sys (CHENGDU YIWO Tech Development Co., Ltd)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek )
DRV - (LgBttPort) -- C:\Windows\System32\drivers\lgbtport.sys (LG Electronics Inc.)
DRV - (LGVMODEM) -- C:\Windows\System32\drivers\lgvmodem.sys (LG Electronics Inc.)
DRV - (lgbusenum) -- C:\Windows\System32\drivers\lgbtbus.sys (LG Electronics Inc.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (lgmdmdm) -- C:\Windows\System32\drivers\lgmdmdm.sys (MCCI Corporation)
DRV - (lgmdmgmt) LG Mobile USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\lgmdmgmt.sys (MCCI Corporation)
DRV - (lgmdobex) -- C:\Windows\System32\drivers\lgmdobex.sys (MCCI Corporation)
DRV - (lgmdbus) LG Mobile driver (WDM) -- C:\Windows\System32\drivers\lgmdbus.sys (MCCI Corporation)
DRV - (lgmdmdfl) -- C:\Windows\System32\drivers\lgmdmdfl.sys (MCCI Corporation)
DRV - (nvstor32) -- C:\Windows\system32\DRIVERS\nvstor32.sys (NVIDIA Corporation)
DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) -- C:\Program Files\CyberLink\PlayMovie\000.fcl (Cyberlink Corp.)
DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.telenet.be
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.telenet.be
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=IEFM1&PC=VIATDF&q="
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.standaard.be/"
FF - prefs.js..extensions.enabledItems: en-GB@dictionaries.addons.mozilla.org:1.19.1
FF - prefs.js..extensions.enabledItems: nl-NL@dictionaries.addons.mozilla.org:3.0.1
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: {2bfc8624-5b8a-4060-b86a-e78ccbc38509}:2.4
FF - prefs.js..extensions.enabledItems: wrc@avast.com:20110101
FF - prefs.js..extensions.enabledItems: {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}:2.0
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=panda&type=PCAFSI1143&p="
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/05/22 20:15:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/22 19:33:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/07 00:16:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.9\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/03/06 10:38:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.9\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

[2009/12/12 11:38:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ole\AppData\Roaming\mozilla\Extensions
[2009/12/12 11:38:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ole\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2009/05/20 17:00:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ole\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2009/06/16 11:20:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ole\AppData\Roaming\mozilla\Extensions\songbird@songbirdnest.com
[2011/05/22 19:26:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ole\AppData\Roaming\mozilla\Firefox\Profiles\0rgkufor.default\extensions
[2010/04/27 10:59:18 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Ole\AppData\Roaming\mozilla\Firefox\Profiles\0rgkufor.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/12/28 11:12:06 | 000,000,000 | ---D | M] ("BetterSearch") -- C:\Users\Ole\AppData\Roaming\mozilla\Firefox\Profiles\0rgkufor.default\extensions\{2bfc8624-5b8a-4060-b86a-e78ccbc38509}
[2010/12/13 18:14:09 | 000,000,000 | ---D | M] (British English Dictionary) -- C:\Users\Ole\AppData\Roaming\mozilla\Firefox\Profiles\0rgkufor.default\extensions\en-GB@dictionaries.addons.mozilla.org
[2010/11/27 08:25:29 | 000,000,000 | ---D | M] (Woordenboek Nederlands) -- C:\Users\Ole\AppData\Roaming\mozilla\Firefox\Profiles\0rgkufor.default\extensions\nl-NL@dictionaries.addons.mozilla.org
[2010/01/17 10:53:12 | 000,002,185 | ---- | M] () -- C:\Users\Ole\AppData\Roaming\Mozilla\Firefox\Profiles\0rgkufor.default\searchplugins\bing.xml
[2011/05/22 19:33:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/01/14 10:59:40 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
File not found (No name found) --
[2011/05/22 20:15:39 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011/04/14 18:57:43 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/01/01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
[2010/01/01 10:00:00 | 000,001,892 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bolcom-nl.xml
[2010/01/01 10:00:00 | 000,004,558 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\marktplaats-nl.xml
[2010/01/01 10:00:00 | 000,001,111 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\vandale-nl.xml
[2010/01/01 10:00:00 | 000,001,049 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-nl.xml

O1 HOSTS File: ([2011/05/22 20:22:43 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll (Google Inc.)
O2 - BHO: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - File not found
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [EaseUs Watch] C:\Program Files\EASEUS\Todo Backup 2.0\bin\EuWatch.exe (CHENGDU YIWO Tech Development Co., Ltd)
O4 - HKLM..\Run: [FujiKeyboard] c:\ACER\Preload\Autorun\DRV\FUJI Keyboard\ABoard.exe (Packard Bell BV)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKCU..\Run: [PicPick Start] C:\Program Files\PicPick\picpick.exe ()
O4 - Startup: C:\Users\Ole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Chessmaster%20Challenge/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.130.131.5 195.130.130.133
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Ole\Pictures\Windows_by_serpim [DesktopNexus.com].jpg
O24 - Desktop BackupWallPaper: C:\Users\Ole\Pictures\Windows_by_serpim [DesktopNexus.com].jpg
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\System32\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/12/26 19:51:21 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/23 19:47:39 | 000,000,000 | ---D | C] -- C:\Users\Ole\AppData\Roaming\picpick
[2011/05/23 19:47:24 | 000,000,000 | ---D | C] -- C:\Users\Ole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PicPick
[2011/05/23 19:47:24 | 000,000,000 | ---D | C] -- C:\Program Files\PicPick
[2011/05/22 20:22:37 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/05/22 20:20:59 | 000,000,000 | ---D | C] -- C:\Users\Ole\Desktop\Erunt
[2011/05/22 20:16:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011/05/22 20:16:17 | 000,307,928 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011/05/22 20:16:17 | 000,019,544 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011/05/22 20:16:16 | 000,049,240 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011/05/22 20:16:16 | 000,025,432 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011/05/22 20:16:15 | 000,441,176 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011/05/22 20:16:15 | 000,053,592 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011/05/22 20:15:35 | 000,040,112 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/05/22 20:15:34 | 000,199,304 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011/05/22 20:15:19 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011/05/22 20:15:19 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/05/22 12:55:38 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/05/22 12:55:25 | 000,000,000 | ---D | C] -- C:\Users\Ole\AppData\Local\temp
[2011/05/22 12:18:46 | 000,000,000 | ---D | C] -- C:\ComboFix
[2011/05/22 12:15:40 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2011/05/22 12:10:47 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Ole\Desktop\OTL.exe
[2011/05/22 05:27:53 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011/05/22 05:27:53 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011/05/22 05:27:41 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011/05/22 05:27:40 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011/05/22 05:27:36 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011/05/22 05:27:13 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/05/22 05:26:58 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011/05/22 05:26:57 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011/05/22 05:26:41 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2011/05/22 05:26:40 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2011/05/22 05:26:37 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011/05/22 05:26:37 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2011/05/21 18:16:35 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011/05/21 17:44:10 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/05/21 17:44:10 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/05/21 17:44:10 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/05/21 17:41:22 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/05/21 14:26:33 | 001,407,280 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Ole\Desktop\TDSSKiller.exe
[2011/05/21 07:55:27 | 000,589,632 | ---- | C] (AVAST Software) -- C:\Users\Ole\Desktop\aswMBR.exe
[2011/05/19 19:31:07 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/05/19 19:30:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2011/05/19 19:30:13 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2011/05/10 08:49:45 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Security
[2011/05/02 16:40:59 | 000,000,000 | ---D | C] -- C:\Users\Ole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic
[2011/05/02 16:40:57 | 000,000,000 | ---D | C] -- C:\Program Files\ParetoLogic
[2011/05/02 16:40:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ParetoLogic
[2011/05/02 15:33:43 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2011/05/02 10:51:06 | 000,000,000 | ---D | C] -- C:\Users\Ole\AppData\Roaming\Panda Security
[2011/05/02 10:35:09 | 000,000,000 | ---D | C] -- C:\Users\Ole\AppData\Roaming\SurfSecret Privacy Suite
[2011/05/02 10:33:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security
[2011/05/02 10:33:46 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2011/05/02 10:32:48 | 000,428,352 | ---- | C] (Panda Security) -- C:\Windows\System32\StubInstaller.exe
[2011/04/27 19:58:21 | 000,000,000 | ---D | C] -- C:\Users\Ole\AppData\Roaming\Unity

========== Files - Modified Within 30 Days ==========

[2011/05/23 19:50:23 | 000,124,396 | ---- | M] () -- C:\Users\Ole\Documents\Image 000.png
[2011/05/23 19:22:00 | 000,689,956 | ---- | M] () -- C:\Windows\System32\perfh013.dat
[2011/05/23 19:22:00 | 000,607,470 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/05/23 19:22:00 | 000,135,744 | ---- | M] () -- C:\Windows\System32\perfc013.dat
[2011/05/23 19:22:00 | 000,108,742 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/05/23 19:15:42 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2011/05/23 19:15:31 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/23 19:15:31 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/23 19:15:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/23 07:57:03 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/05/22 20:22:43 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2011/05/22 20:16:18 | 000,001,831 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/05/22 20:16:15 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011/05/22 19:51:55 | 000,480,480 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/05/22 19:45:35 | 002,174,580 | ---- | M] () -- C:\Windows\System32\drivers\Cat.DB
[2011/05/22 19:33:40 | 000,000,872 | ---- | M] () -- C:\Users\Ole\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/05/22 19:33:40 | 000,000,848 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/05/22 12:11:01 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Ole\Desktop\OTL.exe
[2011/05/21 18:00:01 | 000,000,440 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration3.job
[2011/05/21 17:37:25 | 004,352,567 | R--- | M] () -- C:\Users\Ole\Desktop\ComboFix.exe
[2011/05/21 16:39:35 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/21 13:18:21 | 000,000,512 | ---- | M] () -- C:\Users\Ole\Desktop\MBR.dat
[2011/05/21 07:55:28 | 000,589,632 | ---- | M] (AVAST Software) -- C:\Users\Ole\Desktop\aswMBR.exe
[2011/05/21 07:53:58 | 000,000,133 | ---- | M] () -- C:\Users\Ole\Desktop\regfix.reg
[2011/05/20 19:56:13 | 369,589,978 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/05/19 19:30:30 | 000,000,915 | ---- | M] () -- C:\Users\Ole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011/05/19 19:30:14 | 000,000,735 | ---- | M] () -- C:\Users\Ole\Desktop\NTREGOPT.lnk
[2011/05/19 19:30:14 | 000,000,716 | ---- | M] () -- C:\Users\Ole\Desktop\ERUNT.lnk
[2011/05/13 13:21:28 | 001,407,280 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Ole\Desktop\TDSSKiller.exe
[2011/05/11 02:45:48 | 000,110,592 | ---- | M] (LG Electronics) -- C:\Users\Ole\Documents\LGMobileDL.dll
[2011/05/10 14:10:59 | 000,040,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/05/10 14:10:55 | 000,199,304 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011/05/10 14:03:54 | 000,441,176 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011/05/10 14:03:44 | 000,307,928 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011/05/10 14:02:37 | 000,049,240 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011/05/10 13:59:56 | 000,025,432 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011/05/10 13:59:44 | 000,053,592 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011/05/10 13:59:35 | 000,019,544 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011/05/10 08:47:39 | 000,513,008 | ---- | M] () -- C:\Users\Ole\Desktop\avinstall.exe
[2011/05/06 09:10:47 | 000,028,259 | ---- | M] () -- C:\Users\Ole\AppData\Roaming\Comma Separated Values (Windows).ADR
[2011/05/06 09:10:19 | 000,012,939 | ---- | M] () -- C:\Users\Ole\AppData\Roaming\Comma Separated Values (Windows).CAL
[2011/05/05 19:57:34 | 000,000,032 | ---- | M] () -- C:\Windows\System32\EUOD.DAT
[2011/05/02 16:58:01 | 000,000,414 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Update Version3.job
[2011/05/02 16:58:01 | 000,000,372 | ---- | M] () -- C:\Windows\tasks\PC Health Advisor Defrag.job
[2011/05/02 16:58:01 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\PC Health Advisor.job
[2011/05/02 16:40:59 | 000,000,904 | ---- | M] () -- C:\Users\Ole\Desktop\ParetoLogic PC Health Advisor.lnk
[2011/05/02 14:53:17 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2011/05/01 19:34:35 | 000,043,520 | ---- | M] () -- C:\Users\Ole\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/01 15:12:43 | 000,433,297 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20110510-184838.backup
[2011/04/25 07:47:05 | 000,000,680 | ---- | M] () -- C:\Users\Ole\AppData\Local\d3d9caps.dat

========== Files Created - No Company Name ==========

[2011/05/23 19:50:23 | 000,124,396 | ---- | C] () -- C:\Users\Ole\Documents\Image 000.png
[2011/05/22 20:16:18 | 000,001,831 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/05/21 17:44:10 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011/05/21 17:44:10 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/05/21 17:44:10 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011/05/21 17:44:10 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/05/21 17:44:10 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/05/21 17:37:10 | 004,352,567 | R--- | C] () -- C:\Users\Ole\Desktop\ComboFix.exe
[2011/05/21 07:56:27 | 000,000,512 | ---- | C] () -- C:\Users\Ole\Desktop\MBR.dat
[2011/05/21 07:53:58 | 000,000,133 | ---- | C] () -- C:\Users\Ole\Desktop\regfix.reg
[2011/05/19 19:30:30 | 000,000,915 | ---- | C] () -- C:\Users\Ole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011/05/19 19:30:14 | 000,000,735 | ---- | C] () -- C:\Users\Ole\Desktop\NTREGOPT.lnk
[2011/05/19 19:30:14 | 000,000,716 | ---- | C] () -- C:\Users\Ole\Desktop\ERUNT.lnk
[2011/05/12 08:59:20 | 000,000,860 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/05/12 07:50:43 | 369,589,978 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/05/10 08:50:22 | 002,174,580 | ---- | C] () -- C:\Windows\System32\drivers\Cat.DB
[2011/05/10 08:47:57 | 000,513,008 | ---- | C] () -- C:\Users\Ole\Desktop\avinstall.exe
[2011/05/06 09:10:19 | 000,012,939 | ---- | C] () -- C:\Users\Ole\AppData\Roaming\Comma Separated Values (Windows).CAL
[2011/05/06 09:05:44 | 008,326,420 | ---- | C] () -- C:\Users\Ole\Documents\GUG_Packard Bell_1.0_NL_DT.pdf
[2011/05/02 16:41:21 | 000,000,440 | ---- | C] () -- C:\Windows\tasks\ParetoLogic Registration3.job
[2011/05/02 16:40:59 | 000,000,904 | ---- | C] () -- C:\Users\Ole\Desktop\ParetoLogic PC Health Advisor.lnk
[2011/05/02 16:40:59 | 000,000,414 | ---- | C] () -- C:\Windows\tasks\ParetoLogic Update Version3.job
[2011/05/02 16:40:59 | 000,000,372 | ---- | C] () -- C:\Windows\tasks\PC Health Advisor Defrag.job
[2011/05/02 16:40:58 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\PC Health Advisor.job
[2011/04/10 15:43:27 | 000,000,032 | ---- | C] () -- C:\Windows\System32\EUOD.DAT
[2011/03/12 17:31:57 | 000,017,408 | ---- | C] () -- C:\Windows\START32.EXE
[2011/03/12 17:31:56 | 000,000,335 | ---- | C] () -- C:\Windows\mozregistry.dat
[2011/03/12 15:29:05 | 000,028,259 | ---- | C] () -- C:\Users\Ole\AppData\Roaming\Comma Separated Values (Windows).ADR
[2011/01/04 12:14:37 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
[2011/01/04 12:14:37 | 000,002,413 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
[2011/01/03 18:38:15 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2010/12/25 12:02:34 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2010/12/25 11:21:47 | 000,887,296 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010/12/25 11:21:47 | 000,198,144 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010/11/10 19:28:18 | 000,000,000 | ---- | C] () -- C:\Windows\PowerReg.dat
[2010/11/10 19:25:29 | 000,291,328 | ---- | C] () -- C:\Windows\System32\binkw32.dll
[2010/05/30 16:50:51 | 000,000,195 | ---- | C] () -- C:\Users\Ole\AppData\Roaming\default.rss
[2009/12/10 18:38:40 | 000,000,680 | ---- | C] () -- C:\Users\Ole\AppData\Local\d3d9caps.dat
[2009/12/03 10:27:30 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009/11/08 00:51:58 | 000,057,344 | ---- | C] () -- C:\Windows\rzrunins.exe
[2009/10/31 23:35:48 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
[2009/10/19 22:28:58 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/10/19 22:28:57 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/07/26 20:29:29 | 000,000,032 | ---- | C] () -- C:\Windows\CD_Start.INI
[2009/07/26 20:23:42 | 000,000,032 | ---- | C] () -- C:\Windows\start.INI
[2009/05/21 20:22:50 | 000,001,821 | ---- | C] () -- C:\Windows\CDPlayer.ini
[2009/05/21 15:24:28 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009/05/21 15:24:27 | 000,043,520 | ---- | C] () -- C:\Users\Ole\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/05/21 08:45:43 | 000,000,000 | ---- | C] () -- C:\Users\Ole\AppData\Roaming\wklnhst.dat
[2009/05/20 22:45:55 | 000,079,360 | ---- | C] () -- C:\Windows\System32\acdbres.dll
[2009/05/20 17:26:37 | 000,000,608 | ---- | C] () -- C:\Windows\nsreg.dat
[2009/05/20 11:36:09 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2009/05/20 11:36:02 | 000,008,164 | ---- | C] () -- C:\Windows\System32\ezdigsgn.dat
[2008/09/28 06:46:56 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2008/09/28 06:19:14 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/01/21 07:45:56 | 000,689,956 | ---- | C] () -- C:\Windows\System32\perfh013.dat
[2008/01/21 07:45:56 | 000,336,440 | ---- | C] () -- C:\Windows\System32\perfi013.dat
[2008/01/21 07:45:56 | 000,135,744 | ---- | C] () -- C:\Windows\System32\perfc013.dat
[2008/01/21 07:45:56 | 000,041,976 | ---- | C] () -- C:\Windows\System32\perfd013.dat
[2006/11/02 14:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 14:44:53 | 000,480,480 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 12:33:01 | 000,607,470 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 12:33:01 | 000,108,742 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 12:25:25 | 000,557,568 | ---- | C] () -- C:\Windows\System32\hpotscld.dll
[2006/11/02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2002/03/13 16:46:46 | 000,053,248 | ---- | C] () -- C:\Windows\System32\ZLib.dll
[2001/04/23 01:07:28 | 000,045,056 | ---- | C] () -- C:\Windows\System32\mtstack.exe

========== Alternate Data Streams ==========

@Alternate Data Stream - 94 bytes -> C:\ProgramData\TEMP:C947F6D9
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:D158BAF9
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:93E9C78D
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >
 
I am looking at your screenshot , let me ask you, when you highlight one of those entries and select Uninstall, do you not have that option ???
 
it's weird. When I right click on one highlighted item (right click that is) there comes a drop down menu with one,two or three empty options. If I click on one of them, there comes an empty dialog box with a warning, giving me the choice "yes or no" but with no title or txt inside.
I took another screencap with the dialogbox. It seems I cant take a screenshot with my mouse menu down. It's been like this for some time now, but I've worked around it with other tools.
 
I'll do that tomorrow, just a last question, Erunt gave me a warning. I suppose I can shut it down from startup and it's nothing bad. Pic included
 
Looks like it just would not run, not sure but will check on it an get back to you when you post back
 
As for the answer from the wtt forums: They knew about the problem, I didn't try it yet, It'll be my project for another day.

Hi, and welcome to the WTT forums
welcome.gif
We come across the problem you describe from time to time....
Take a look here:
http://www.mydigitallife.info/vista-uninst...nd-not-showing/
I hope that this will help you.
Note: If you should find it necessary to edit the Registry to reset the "views" then before following the directions here:
http://www.mydigitallife.info/delete-and-r...lt-clean-state/
be sure that you back up your Registry before you start. Erunt is good for this, and available from here:
http://www.larshederer.homepage.t-online.de/erunt/
Regards
paws

This post has been edited by paws: Today, 11:50 AM
 
Ok, thanks for letting me know, your in good hands with PAWS, I will keep this thread open for you for a few days, post back and let me know if its been resolved
 
I'll leave it be for now, it's a minor bug in windows and doesn't do any harm. And it look like a lot of work putting it all back in order again.

So this mail is to let you ppl know that this thread can be closed as far as I am concerned.

Thanks for the great help I got, and I will donate for the further advance of Spybot Team.

Q
 
:bigthumb:

Thanks for getting back to me.

  • Click START then RUN
  • Now type Combofix /uninstall in the runbox and click OK. Note the space between the X and the /, it needs to be there.


    CF-Uninstall.png




Open OTL and click on Clean Up and it will remove programs we used to clean your system along with there backups

Malwarebytes is the free version and yours to keep and will not be removed




Safe Surfn
Ken
 
You must log in or register to reply here.
Back
Top